TrimarcJake / Locksmith

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.
https://github.com/TrimarcJake/Locksmith

ESC3 Flowchart categorization #132

Open techBrandon opened 3 months ago

techBrandon commented 3 months ago

The flowchart for ESC3 (https://github.com/TrimarcJake/Locksmith/blob/main/Docs/Flowcharts/ESC3.md) categorizes a group with a large "group size" as Medium but lists a User as High. This is the only flowchart that does this. All others categorize the large groups as a High. Thank you good sirs. You are a delight.

SamErde commented 3 months ago

Will have to review. If my memory serves me correctly, this was to align with the practice of using groups instead of individual users in ACLs. Thanks for the thoughtful review and feedback!

techBrandon commented 3 months ago

Thanks Sam! Just an inconsistency I found in reviewing a report so I wanted it captured somewhere before I lost track of it. I agree with encouraging the use of groups but maybe we should distinguish the difference between "intentional" groups vs. "Everyone", "Domain Users", "Domain Computers".

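One way to express the distinction techBrandon proposes (intentional groups versus catch-all principals such as "Everyone", "Domain Users" and "Domain Computers") is to key the categorization on well-known SIDs and RIDs rather than on display names, which differ across localized domains. The following PowerShell is an added illustration written for this thread, not Locksmith's own code or its ESC3 flowchart; the function name, the risk labels, the "large group" threshold and the sample domain SID are all assumptions.

```powershell
# Added example (not Locksmith's code). Categorize a principal that holds an
# enrollment right on an ESC3-style template. Assumptions: the 'Low'/'Medium'/'High'
# labels, the 50-member threshold and the sample SIDs are illustrative only.
function Get-EnrollmentPrincipalCategory {
    param(
        [Parameter(Mandatory)]
        [System.Security.Principal.SecurityIdentifier]$Sid,
        [Parameter(Mandatory)]
        [ValidateSet('User', 'Group')]
        [string]$PrincipalType,
        [int]$MemberCount = 0,
        [int]$LargeGroupThreshold = 50   # assumption: what counts as a "large" group
    )

    # Catch-all principals identified by stable well-known SIDs (names are localized).
    $broadWellKnown = @{
        'S-1-1-0'  = 'Everyone'
        'S-1-5-11' = 'Authenticated Users'
    }
    # Domain-relative RIDs for groups that effectively mean "every account in the domain".
    $broadRids = @{ 513 = 'Domain Users'; 515 = 'Domain Computers' }
    # Administrative groups that are expected to hold PKI rights (assumed mapping to
    # the flowchart's BuiltIn/PKIAdmins branch).
    $adminWellKnown = @{ 'S-1-5-32-544' = 'BUILTIN\Administrators' }
    $adminRids = @{ 512 = 'Domain Admins'; 519 = 'Enterprise Admins' }

    $sidString = $Sid.Value
    $rid = if ($Sid.IsAccountSid()) { [int]($sidString.Split('-')[-1]) } else { -1 }

    $result = [pscustomobject]@{ Sid = $sidString; Principal = $null; Category = $null; Reason = $null }

    if ($broadWellKnown.ContainsKey($sidString) -or $broadRids.ContainsKey($rid)) {
        # A catch-all group means any account can enroll: treat as High regardless of size.
        $result.Principal = if ($broadWellKnown.ContainsKey($sidString)) { $broadWellKnown[$sidString] } else { $broadRids[$rid] }
        $result.Category = 'High'
        $result.Reason = 'Catch-all group grants enrollment to every account'
    }
    elseif ($adminWellKnown.ContainsKey($sidString) -or $adminRids.ContainsKey($rid)) {
        $result.Principal = if ($adminWellKnown.ContainsKey($sidString)) { $adminWellKnown[$sidString] } else { $adminRids[$rid] }
        $result.Category = 'Low'
        $result.Reason = 'Expected administrative group'
    }
    elseif ($PrincipalType -eq 'User') {
        $result.Principal = 'Individual user'
        $result.Category = 'High'
        $result.Reason = 'Direct user ACE instead of a group'
    }
    elseif ($MemberCount -ge $LargeGroupThreshold) {
        $result.Principal = 'Intentional group (large)'
        $result.Category = 'Medium'
        $result.Reason = "Group has $MemberCount members"
    }
    else {
        $result.Principal = 'Intentional group (small)'
        $result.Category = 'Low'
        $result.Reason = "Group has $MemberCount members"
    }
    return $result
}

# Constructed sample domain SID; not a real domain.
$domainSid = 'S-1-5-21-1111111111-2222222222-3333333333'
Get-EnrollmentPrincipalCategory -Sid ([System.Security.Principal.SecurityIdentifier]"$domainSid-513") -PrincipalType Group -MemberCount 5000
Get-EnrollmentPrincipalCategory -Sid ([System.Security.Principal.SecurityIdentifier]"$domainSid-1105") -PrincipalType Group -MemberCount 120
Get-EnrollmentPrincipalCategory -Sid ([System.Security.Principal.SecurityIdentifier]"$domainSid-1106") -PrincipalType User
```

The catch-all check runs before the size check so that "Domain Users" is never downgraded to Medium simply because it is a group, which is the inconsistency raised in this issue; a custom group with the same member count still lands on the Medium branch.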

TrimarcJake commented 3 months ago

@techBrandon

I think easily identifiable "intentional" groups would fall under the BuiltIn/PKIAdmins group branch of the flowchart. But I see what you're saying. We should chat about this more during SMEeting.

...Also it's very likely a copy/paste error.

TrimarcJake commented 3 months ago

Related to #117